Official New Updated 70-486 Exam Questions and Answers Shared By Braindump2go For Free Download Today! (141-150)

2015 New Updated 70-486 Exam Dumps Questions and Answers are all from Microsoft Official Exam Center! Some new questions added into this new released 70-486 Dumps! Download 70-486 Exam Dumps Full Version Now and Pass one time!

QUESTION 141You are developing an ASP.NET MVC application that uses forms authentication. The application uses SQL queries that display customer order data.Logs show there have been several malicious attacks against the servers.You need to prevent all SQL injection attacks from malicious users against the application.How should you secure the queries?

A. Check the input against patterns seen in the logs and other records.B. Escape single quotes and apostrophes on all string-based input parameters.C. Implement parameterization of all input strings.D. Filter out prohibited words in the input submitted by the users.

Answer: CExplanation:SQL Injection Prevention, Defense Option 1: Prepared Statements (Parameterized Queries)The use of prepared statements (aka parameterized queries) is how all developers should first be taught how to write database queries. They are simple to write, and easier to understand than dynamic queries. Parameterized queries force the developer to first define all the SQL code, and then pass in each parameter to the query later. This coding style allows the database to distinguish between code and data, regardless of what user input is supplied.Prepared statements ensure that an attacker is not able to change the intent of a query, even if SQL commands are inserted by an attacker.Reference: SQL Injection Prevention Cheat Sheet

QUESTION 142You are developing an ASP.NET MVC application that uses forms authentication against a third-party database.You need to authenticate the users.Which code segment should you use?

A. Option AB. Option BC. Option CD. Option D

Answer: CExplanation:Class ProviderBaseThe provider model is intended to encapsulate all or part of the functionality of multiple ASP.NET features, such as membership, profiles, and protected configuration.

QUESTION 143You are designing an enterprise-level Windows Communication Foundation (WCF) application. User accounts will migrate from the existing system.The new system must be able to scale to accommodate the increasing load.You need to ensure that the application can handle large-scale role changes.What should you use for authorization? (Each correct answer presents a complete solution.Choose all that apply.)

Answer: BCExplanation:Advanced Maturity: Authorization as a Service In the advanced level of maturity for authorization, role storage and management is consolidated and authorization itself is a service available to any solution that is service- enabled.– The Trusted Subsystems ModelOnce authorization is available as an autonomous service, the need for impersonation is eliminated. Instead of assuming the identity of the user, the application uses its own credentials to access services and resources, but it captures the user’s identity and passesit as a parameter (or token) to be used for authorization when a request is made. This model is referred to as the trusted subsystem model, because the application acts as a trusted subsystem within the security domain.

QUESTION 144Drag and Drop QuestionYou are building an ASP.NET MVC web application.The application will be viewed by users on their mobile phones.You need to ensure that the page fits within the horizontal width of the device screens.You have the following markup:Which markup segments should you include in Target 1, Target 2 and Target 3 to complete the markup? (To answer, drag the appropriate markup segments to the correct targets. Each line of code may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)Answer:

QUESTION 145Drag and Drop QuestionYou are developing an ASP.NET MVC web application that requires HTML elements to take on new behaviors. These should be implemented with a behavior script in a page that is only for Microsoft Internet Explorer users. The colorchange.js script uses the Microsoft CSS vendor-specific Behavior extension.You need to apply the script with CSS.You need to use the script to change the color of text.You have the following markup:Which styles should you include in Target 1 and Target 2 to complete the markup? (To answer, drag the appropriate styles to the correct targets. Each style may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)Answer:

QUESTION 146Drag and Drop QuestionYou are developing an ASP.NET MVC application in Visual Studio 2012. The application will be viewed with browsers on desktop devices and mobile devices. The application uses the Razor View Engine to display data.The application contains two layouts located in the /Views/Shared directory.These layouts are named:– _Layout.cshmtl– _MobleLayoutcshtmlThe application must detect if the user is browsing from a mobile device. If the user is browsing from a mobile device, the application must use the _MobileLayout.cshtml file. If the user is browsing from a desktop device, the application must use .Layout, cs html.You need to ensure that the application renders the layout that is appropriate for the browser.You have the following code:Which code segments should you include in Target 1, Target 2 and Target 3 to complete the code of the ViewStart.cshtml file? (To answer, drag the appropriate code segments to the correct targets. Each code segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)Answer:

QUESTION 147You are developing a controller for an ASP.NET MVC application that manages message board postings.The security protection built in to ASP.NET is preventing users from saving their HTML.You need to enable users to edit and save their HTML while maintaining existing security protection measures.Which code segment should you use?

A. Option AB. Option BC. Option CD. Option D

Answer: B

QUESTION 148You are designing an MVC web application.The view must be as simple as possible for designers who do not have a technical background.You need to combine two existing models to meet the requirement.Which component of the MVC framework should you use?

A. ViewB. View ModelC. ControllerD. Model

Answer: B

QUESTION 149Hotspot QuestionYou are using the features of the IIS SEO Toolkit to configure the website.You need to exclude search engines from indexing parts of website.What should you do? (To answer, select the appropriate option from the drop-down list in the answer area.)Answer:

QUESTION 150You are developing an application that uses many small images for various aspects of the interface.The application responds slowly when additional resources are being accessed.You need to improve the performance of the application.What should you do?

A. Preload all the images when the client connects to ensure that the images are cached.B. Combine all the images into a single image and use CSS to create sprites.C. Host all images on an alternate server and provide a CDN.D. Convert the images to .png file format and stream all images on a single connection.